Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 41 openjpeg: FEDORA-2024-3ecdf562bf critical: Malicious files issue

fedora
Calendar Grey September 22, 2024
Dist Fedora Esm H88
Important Fedora notification regarding CVE-2023-39327 for openjpeg highlights dangers posed by harmful files. Discover more!
Backport fix for CVE-2023-39327.

Summary

The OpenJPEG library is an open-source JPEG 2000 library developed in order to

promote the use of JPEG 2000.

This package contains

* JPEG 2000 codec compliant with the Part 1 of the standard (Class-1 Profile-1

compliance).

* JP2 (JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multiple

component transforms for multispectral and hyperspectral imagery)

Update Information:

Backport fix for CVE-2023-39327.

Topics%20covered

Topics Covered

security advisory software update Fedora malicious files C-Library JPEG 2000

Change Log

* Fri Sep 6 2024 Sandro Mani - 2.5.2-4 - Backport patch for CVE-2023-39327

References


[ 1 ] Bug #2295814 - CVE-2023-39327 openjpeg: Malicious files can cause the program to enter a large loop [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2295814

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-3ecdf562bf' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: openjpeg
Product: Fedora 41
Version: 2.5.2
Release: 4.fc41
URL: https://github.com/uclouvain/openjpeg
Summary: C-Library for JPEG 2000

Topics%20covered

Topics Covered

security advisory software update Fedora malicious files C-Library JPEG 2000

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here